convert access port to trunk port to HP server

I currently setup access port with vlan10 that i connect directly to lets say HP server and looks good there
Now i want to be able to manage the HP server using iLO and want to use same network connection from switch for iLO networking also
iLO network is vlan11

I am assuming i need to change from access port to trunk port, is that so?
And then each the iLO network will work by using the vlan11 network while the regular server networking will also work using the vlan10 network
Is this a good assumption or is there a way to do this on mikrotik device?

That is a Hybrid setup.
You can have an access port on VLAN10 and at the same time the same port can be a Trunk Port for VLAN 11.
Notice though, a trunk Port carries Tagged Traffic, so the port will tag the packets on egress ( the ones that do not belong on VLAN 10 ) with VLAN ID 11. That means your Server should be able to understand that Tagged traffic, i.e. it should be configured in a proper way too…

So everything is fine currently with just vlan10 with regular access port setup
so now i want to allow vlan11 for iLO remote management
so just want to know what to change to achieve this

Good to know proper way to do this on mikrotik
this is a very common setup using iLO network on same network as the server traffic
just want to know how to do this on mikrotik switch

It depends on the Switch model… So what device are you using ?

switch is crs312_4c_8xg_rm

ok, you can use Bridge VLAN filtering.
Start from here http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
And here https://help.mikrotik.com/docs/display/ROS/Bridge+VLAN+Table

Great thanks
this is what am after https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge#VLAN_Example_.232_.28Trunk_and_Hybrid_Ports.29
just as i assumed it will be, just needed to add the ports as tagged also
very simple

thanks

Correct.
THe trick is that the /interface bridge port settings should be set as though the Hybrid Port was going to be an access port, and dont set any frame types etc…

bridge=bridge interface=etherX pvid=YY
Then, on the /interface bridge settings ensure you follow the respective access port settings for the Hybrid Port (untagged for the vlan)

bridge=bridge tagged=bridge,etherA,etherB untagged=etherX vlan-ids=YY

Then on any other vlans that ALSO NEED TO TRAVERSE etherX, add them as tagged to the appropriate ports.

bridge=bridge tagged=bridge**,etherX** vlan-ids=dd
bridge=bridge tagged=bridge,etherX vlan-ids=ff

Only issue i see is no way to control what VLANs should be allowed per interface port
Lets say i want

port5 to have vlan10 untagged and vlan11 tagged so it can allow both vlans on same port
port6 to have vlan10 untagged, same as access port but for vlan10
port7 to have vlan11 untagged, same as access port but for vlan11

am not sure that configuration can do this, can it?
because things are controlled from bridge VLANs not from the interface ports

An access port, for example, will strip the VLAN tag of the packet matching the VID of the port on egress.
So you can’t have port etherX both Access Port for VLAN 10 and Tagged Port for VLAN10.

Simple rule Uber… A Port (any port) can ONLY HAVE ONE “1” untagged vlan.

So an access port only has one untagged vlan
So a hybrid port only has one untagged vlan (and as many tagged vlans as required)
A trunk port only has tagged vlans
…

/bridge port ports
add bridge=bridge interface=ether5  pvid=10  {hybrid}
add bridge=bridge interface=ether6  pvid=10  {access}
add bridge=bridge interface=ether7  pvid=11  {access}

/interface bridge vlan
add bridge=bridge tagged=bridge,ether5  untagged=ether7 vlan-ids=11
add bridge=bridge tagged=bridge  untagged=ether5,ether6 vlan-ids=10

So a hybrid port only has one untagged vlan (and as many tagged vlans as required)

As long as they do not match.
In practice, it won’t let you add the same port as tagged and untagged anyways…

ok got it now, thanks